CVE Details
Basic Information
| Title | Campcodes Simple Student Information System view_course.php sql injection |
|---|---|
| Type | cve |
| Published | 2023-11-02T18:00:12.789Z |
| Modified | 2025-02-27T20:35:43.439Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Simple Student Information System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.5 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in the view_course.php file of Campcodes Simple Student Information System version 1.0. This vulnerability allows attackers to inject malicious SQL code by manipulating the ‘id’ argument, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Campcodes |
| AI Product | Simple Student Information System |
| AI Version | 1.0 |
Affected Products
- Campcodes Simple Student Information System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. This vulnerability affects unknown code of the file /admin/courses/view_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244324.